Many advanced networks provide XML based web services that enable individual clients and systems access to network data. For example, such web services may be based on one or more network protocols designed to facilitate communications between clients and web servers that host one or more services for the clients. Examples of such communication protocols include, but are not limited to, the Simple Object Access Protocol (SOAP) and the Hyper-Text Transfer Protocol (HTTP). A common example of a web service is a virtual web meeting service. A web service generally provides to clients one or more operations or functions, which may be referred to as “methods” of the service. Examples of methods that a web meeting service typically provides include, but are not limited to, a create new meeting method, a cancel meeting method, and an update meeting method.
To access the methods of a web service, a client generally establishes a network connection to a web server hosting the particular web service. Accordingly, the web service is typically associated with a specific uniform resource locator (URL) that defines the host name and port number for network communications in addition to, for example, the particular location of the web service application in the directory structure of the server. Once a connection is established with the client, the web service provides access to its data and methods, as requested by the client.
Traditionally, web service providers have been able to implement various security measures for controlling client access. However, traditional solutions do not provide a way for a web service to track and limit client access to its methods on an individual basis. For example, traditional solutions enable the web service to only authorize client access for the service as a whole, including all of its methods, or alternatively, deny client authorization, thereby entirely restricting a client's access to all web service methods.